Industry analyst reaction was mixed after XM Cyber, a cyber threat intelligence and breach and attack simulation provider, announced its March acquisition of Confluera, which offers autonomous detection and response (ADR) solutions. By combining XM Cyber’s expertise in breach and attack simulation with Confluera’s cutting-edge ADR capabilities, the newly formed entity hopes to deliver an improved level of protection against cyber threats.
XM Cyber “is really a neo on-premises Breach Attack Simulation (BAS) or SOC tool with some cloudy features, such as attack path management,” says Tom Croll of Lionfish Tech Advisors. “Their core technology seems like it could be redeployed for public cloud without much effort and indeed may have been done successfully. However, I’m not convinced that they are inherently public cloud-native.”
The acquisition signifies the need for consolidation in the cybersecurity landscape, reflecting the growing importance of a multifaceted approach to defense. By combining XM Cyber’s expertise in breach and attack simulation with Confluera’s ADR capabilities, the newly formed entity could provide customers with a more comprehensive view of their security posture, enabling them to detect and respond to threats more effectively and efficiently.
As businesses continue to face an increasingly complex and dynamic threat environment, the need for adaptive and integrated cybersecurity solutions becomes ever more critical.
At the time the acquisition was announced, XM Cyber and Confluera executives said the advantages of the combined offering lay in the ability to provide organizations with a more holistic view of their cybersecurity posture. Confluera’s ADR technology gives XM Cyber customers access to real-time threat intelligence and incident response capabilities, enabling them to more effectively prioritize and address vulnerabilities in their security infrastructure, the executives said.
Croll was cautious about XM Cyber and Confluera’s joined-up capabilities.
“The addition of Confluera gives XM Cyber a truly cloud native capability for runtime monitoring, public cloud attack path management, and cloud detection and response – they’re usually CXDR [cloud extended detection and response],” Croll says.
However, the combination lacked elements it would need to really be considered “a fully-functioning CNAPP” platform, such as software composition analysis, DevSecOps integration, and extensive CIEM features, he adds.
The acquisition signals a broader trend in the cybersecurity sector, as companies look to consolidate and strengthen their offerings to meet the evolving needs of their customers. As businesses around the world grapple with the challenges of digital transformation and the growing threat of cyberattacks, acquisitions and partnerships among smaller providers like these will become more likely.